Entity Statement
Contents
Full Title or Meme
A digital document that describes a digital Entity typically signed by a trusted issuer or Authority.
Context
On the Identity Management page different roles are defined for Entities.
Problems
Solutions
Quite a few structures have been defined to describe entities. The Entity Statement created in the OpenID Connect Federation document is taken as be base for comparison with several others in the table below.
Entity Statement | HL7 capability | X.509 certificate | DID Document | Notes |
n/a | persistent URI | version 3 | Document ID - may include url to this or current version of doc | |
iss | The entity identifier of the issuer of the statement. | |||
sub | The entity identifier of the subject | |||
iat | The time the statement was issued. | |||
exp | Expiration time when the statement MUST NOT be used for new signatures | |||
jwks | public part of the subject entity's signing keys | |||
authority_hints | entities that may issue an entity statement about the issuer entity | |||
metadata | protocol specific metadata claims | |||
metadata_policy | type followed by organization information | |||
sub_is_leaf | is the subject considered a leaf entity | |||
Legal entity | not part of openid statement | |||
b | ||||
federation | s/w app | PKI | self ID | context |
HL7 FHIR Capability Statement
The FHIR spec include a definition of a Resource Capability Statement. Which is similar in purpose to the Entity Statement but includes FHIR specific fields. To quote the spec "A Capability Statement documents a set of capabilities (behaviors) of a FHIR Server for a particular version of FHIR that may be used as a statement of actual server functionality or a statement of required or desired server implementation.".